CVE-2006-7241

2010-09-2021:00:00

mitre

www.cve.org

ibm filenet p8ae

image viewer

acl

bypass

access restrictions

authenticated users

AI Score

Confidence

Low

EPSS

0.001

Percentile

45.6%

JSON

The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.

References

download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm